Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange open-xchange documents vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2021-28095
OX Documents prior to 7.10.5-rev5 has Incorrect Access Control for documents that contain XML structures because hash collisions can occur, due to use of CRC32.
Open-xchange Open-xchange Documents 7.10.5
Open-xchange Open-xchange Documents
6.4
CVSSv2
CVE-2021-28093
OX Documents prior to 7.10.5-rev5 has Incorrect Access Control of converted images because hash collisions can occur, due to use of Adler32.
Open-xchange Open-xchange Documents 7.10.5
Open-xchange Open-xchange Documents
6.4
CVSSv2
CVE-2021-28094
OX Documents prior to 7.10.5-rev7 has Incorrect Access Control for converted documents because hash collisions can occur, due to use of CRC32.
Open-xchange Open-xchange Documents 7.10.5
Open-xchange Open-xchange Documents
3.5
CVSSv2
CVE-2020-8542
OX App Suite up to and including 7.10.3 allows XSS.
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
5
CVSSv2
CVE-2020-8543
OX App Suite up to and including 7.10.3 has Improper Input Validation.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
4
CVSSv2
CVE-2020-8544
OX App Suite up to and including 7.10.3 allows SSRF.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
4
CVSSv2
CVE-2020-8541
OX App Suite up to and including 7.10.3 allows XXE attacks.
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
4
CVSSv2
CVE-2020-15003
OX App Suite up to and including 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access).
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
3.5
CVSSv2
CVE-2020-15004
OX App Suite up to and including 7.10.3 allows stats/diagnostic?param= XSS.
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
4.3
CVSSv2
CVE-2013-6997
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange (OX) AppSuite 7.4.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) an HTML email with crafted CSS code containing wildcards or (2) office documents containing &q...
Open-xchange Open-xchange Appsuite 6.20.7
Open-xchange Open-xchange Appsuite 6.22.0
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 6.22.1
Open-xchange Open-xchange Appsuite 7.0.1
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »